Lucene search
K

94 matches found

CNNVD
CNNVD
added 2023/02/12 12:0 a.m.6 views

Grup Arge Energy and Control Systems SmartPower Energy Management System 输入验证错误漏洞

Grup Arge Energy and Control Systems SmartPower Energy Management System is a web-based system from Grup Arge Energy and Control Systems developed specifically to improve energy efficiency in organizations. A security vulnerability exists in Grup Arge Energy and Control Systems SmartPower Energy...

9.8CVSS8.3AI score0.00724EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/12 12:0 a.m.5 views

Grup Arge Energy and Control Systems SmartPower Energy Management System 跨站脚本漏洞

Grup Arge Energy and Control Systems SmartPower Energy Management System is a web-based system from Grup Arge Energy and Control Systems developed specifically to improve energy efficiency in organizations. A cross-site scripting vulnerability exists in Grup Arge Energy and Control Systems...

5.4CVSS5.4AI score0.00358EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/02/09 10:50 a.m.26 views

CVE-2022-4557 SQL Injection in Smartpower Web

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01...

9.8CVSS10AI score0.00658EPSS
Exploits0References2
CVE
CVE
added 2023/02/09 10:50 a.m.69 views

CVE-2022-4557

CVE-2022-4557 affects Smartpower Web (Group Arge Energy and Control Systems). The vulnerability is an SQL Injection caused by improper neutralization of special elements in SQL commands within Smartpower Web prior to version 23.01.01. Reported impact is high across confidentiality, integrity, and...

9.8CVSS7.3AI score0.00658EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/09 10:50 a.m.9 views

CVE-2022-4557 SQL Injection in Smartpower Web

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01...

9.8CVSS7.3AI score0.00658EPSS
Exploits0References2
CVE
CVE
added 2023/02/08 7:27 p.m.60 views

CVE-2022-45091

CVE-2022-45091 affects Grup Arge Energy and Control Systems Smartpower Web; the issue is an improper neutralization of user input during web page generation, enabling Cross-site Scripting (XSS). Affected version is Smartpower Web before 23.01.01. Mitigation: upgrade to version 23.01.01 or later (...

5.4CVSS6AI score0.00358EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/08 7:27 p.m.11 views

CVE-2022-45091 Cross-site Scripting in Smartpower Web

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting XSS. This issue affects Smartpower Web: before 23.01.01...

5.4CVSS6AI score0.00358EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/08 7:27 p.m.27 views

CVE-2022-45091 Cross-site Scripting in Smartpower Web

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting XSS. This issue affects Smartpower Web: before 23.01.01...

5.4CVSS5.7AI score0.00358EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/08 7:21 p.m.10 views

CVE-2022-45090 SQL Injection in Smartpower Web

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01...

8.8CVSS7.3AI score0.0064EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/08 7:21 p.m.31 views

CVE-2022-45090 SQL Injection in Smartpower Web

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01...

8.8CVSS9.2AI score0.0064EPSS
Exploits0References2
CVE
CVE
added 2023/02/08 7:21 p.m.50 views

CVE-2022-45090

The CVE-2022-45090 entry concerns an Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web, enabling SQL Injection. Multiple sources (Red Hat, NVD, CNNVD/CVE record) describe that Smartpower Web versions before 23.01.01 are affected due to insufficient in...

8.8CVSS7.3AI score0.0064EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/08 7:18 p.m.61 views

CVE-2022-45089

CVE-2022-45089 applies to Smartpower Web from Group Arge Energy and Control Systems, with versions prior to 23.01.01 vulnerable due to improper input validation that enables SQL Injection (high impact, network exposure). Mitigation: upgrade to 23.01.01 or later (per PT-2023-14597 and vendor advis...

8.8CVSS7.3AI score0.0064EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/08 7:18 p.m.8 views

CVE-2022-45089 SQL Injection in Smartpower Web

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01...

8.8CVSS7.3AI score0.0064EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/08 7:18 p.m.30 views

CVE-2022-45089 SQL Injection in Smartpower Web

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01...

8.8CVSS9.2AI score0.0064EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/08 6:50 p.m.10 views

CVE-2022-45088 Local File Inclusion in Smartpower Web

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows PHP Local File Inclusion. This issue affects Smartpower Web: before 23.01.01...

9.8CVSS7.3AI score0.00724EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/08 6:50 p.m.34 views

CVE-2022-45088 Local File Inclusion in Smartpower Web

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows PHP Local File Inclusion. This issue affects Smartpower Web: before 23.01.01...

9.8CVSS9.7AI score0.00724EPSS
Exploits0References2
CVE
CVE
added 2023/02/08 6:50 p.m.61 views

CVE-2022-45088

CVE-2022-45088 corresponds to an Improper Input Validation vulnerability in Smartpower Web by Group Arge Energy and Control Systems. Affected: Smartpower Web prior to version 23.01.01. Root cause: inadequate input validation enabling PHP Local File Inclusion. Impact as stated: potential exposure ...

9.8CVSS7.3AI score0.00724EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/02/08 6:46 p.m.27 views

CVE-2022-45087 Cross-site Scripting in Smartpower Web

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting XSS. This issue affects Smartpower Web: before 23.01.01...

6.1CVSS6.3AI score0.00378EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/08 6:46 p.m.10 views

CVE-2022-45087 Cross-site Scripting in Smartpower Web

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting XSS. This issue affects Smartpower Web: before 23.01.01...

6.1CVSS6.6AI score0.00378EPSS
Exploits0References2
CVE
CVE
added 2023/02/08 6:46 p.m.56 views

CVE-2022-45087

CVE-2022-45087 describes an XSS vulnerability in Group Arge Energy and Control Systems' Smartpower Web prior to version 23.01.01, caused by improper neutralization of user input during web page generation. Impact is limited to web-based UI exposure of stored/ reflected input with low confidential...

6.1CVSS6.1AI score0.00378EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder